How to set cookie in Post Request


#1

Hi, Im writing an application using Ionic 2 framework where the application is connecting to server (ExpressJS) to authenticate. The server after authentication sets a cookie with a session id and I have to send the cookie in the http header for subsequent requests. I’m trying to get the cookie from response header, but not able to get the cookie. Can anyone please help me if this is possible. I have tested the authentication and subsequent calls on Postman, to my surprise Postman sends the cookie correctly without me adding the cookie in the HTTP header.

Thanks in advance.


Ionic2 Set-Cookie ignored in simulator withCredentials
#2

I believe the browser should handle this for you. Are you passing {withCredentials: true} to your successive requests as described in this commit?


#3

Thanks for the link, Just a few minutes ago I found this, and trying to use the same but could make it in my Ionic2 app. If possible please tell how to use this in


#4

Did you found a way to do this? I’m having the same problem =P


#5

I think there is a way to do this, as given in the link. According to commit given from @rapropos we can pass the RequestOptions to the http post request. Will give a try and let you know.

Thanks


#6

I have added the withCredentials flag to true. I do ge the following error:

XMLHttpRequest cannot load http://192.168.1.69:3000/api/login. Response to preflight request doesn’t pass access control check: A wildcard ‘*’ cannot be used in the ‘Access-Control-Allow-Origin’ header when the credentials flag is true. Origin ‘http://192.168.1.69:8100’ is therefore not allowed access. The credentials mode of an XMLHttpRequest is controlled by the withCredentials attribute.


#7

Hi, did you found a solution? I’m stuck with this. Thanks


#8

With what exactly? Here are multiple problems described…


#9

I have the same problem as Harryandroid on this part

but the backend with whitch I’m trying to connect my app , was made in Java with Shiro as the authentication handler. Im trying passing {withCredentials: true} in the headers of my request like this:

  this.headers = new Headers( { 'Content-Type': 'application/x-www-form-urlencoded',
                                                   'withCredentials': 'true'});
 

  login(credentials:any) {  
    this.options = new RequestOptions({ headers: this.headers});
    return this.http.post(this._url, credentials, this.options)
 }

  getInfo(profile:string) { 
     
    let params: URLSearchParams = new URLSearchParams();
    params.set('profileLogin',profile);
    this.options = new RequestOptions({ headers: this.headers , search: params });
    return this.http.post(this._url, credentials, this.options)
 }

But nothing happend, and the cookie with the JSESSIONID that I want to send back to the server is not send automatically.

Also, I try to send the flag in another way:

  this.headers = new Headers( { 'Content-Type': 'application/x-www-form-urlencoded');
 
 login(credentials:any) {  
    this.options = new RequestOptions({ headers: this.headers,  withCredentials: true});
    return this.http.post(this._url, credentials, this.options)
 }

  getInfo(profile:string) { 
     
    let params: URLSearchParams = new URLSearchParams();
    params.set('profileLogin',profile);
    this.options = new RequestOptions({ headers: this.headers,  withCredentials: true,
 search: params });
    return this.http.post(this._url, credentials, this.options)
 }

I see the same error as , [quote=“Harryinandroid, post:6, topic:59191, full:true”]
I have added the withCredentials flag to true. I do ge the following error:

XMLHttpRequest cannot load http://192.168.1.69:3000/api/login. Response to preflight request doesn’t pass access control check: A wildcard ‘*’ cannot be used in the ‘Access-Control-Allow-Origin’ header when the credentials flag is true. Origin ‘http://192.168.1.69:8100’ is therefore not allowed access. The credentials mode of an XMLHttpRequest is controlled by the withCredentials attribute.
[/quote]

the only difference between that his error message and mine is the url.

If anyone could help me I would really appreciate


#10

That is a security feature, the error message explains what you have to do: Set the Access-Control-Allow-Origin header to your Origin.

Alternatively you can use Service Proxies for a workaround for testing in the browser: https://github.com/ionic-team/ionic-cli#service-proxies


#11

@Sujan12 I did set the origin to the url instead of wildcard. But still get the same error as @vanee_rivass .

Has anyone solved this. This would have been so common to authenticate using csfr with cookies.

Any help please.


#12

Please post your whole situation in a new topic, then we can work on solving it. Thanks.